ez-bruteforcer

Easy to use package for bruteforce attacks, with support for ECMAScript and CJS

Table of contents

• Import
• API Reference
  • getDispositionsNumber()
  • runSync()
• Usage / Examples
• Credits
• Authors

Import

Import with CommonJS...

const bruteforce = require("ez-bruteforcer");

...or with ECMAScript!

import bruteforce from "ez-bruteforcer";

API Reference

getDispositionsNumber()

Calculate all the dispositions

Will calculate all the avaiable dispositions without finding them

bruteforce.getDispositionsNumber("oh!sle", 6, 1);

Parameter	Type	Description
array	array || string	Required. The array where you want to calculate the dispositions
maxLength	number	Required. The maxium length of the password
minLength	number	Optional. The minium length of the password, if null will default to 1

runSync()

Find all dispositions

Will start the bruteforce attack

bruteforce.runSync({
    data: [],
    step: (value) => return false,
    finish: () => { console.log('finished') },  // Optional
    maxLength: 2,
    minLength: 1 // Optional
})

This function only takes one options argument

• data [ARRAY / STRING] (required) - The characters list to perform the attack, you can use an array or a string.
• step [FUNCTION] (required) - This function will be called every time a new iteration is found, and it will pass as argument the current iteration value. It acts as a "validator" and must always return true or false.
  If it returns true it will stop searching, if instead returns false it will continue to iterate.
• finish [FUNCTION] (optional) - This function will be called when all the iteration will be done. NOTE: It will only be executed when the script finishes the iteration, this means that if a function in the step key will return true before it finishes everything this function will not be triggered.
• maxLength [NUMBER] (required) - The maxium length of the password.
• minLength [NUMBER] (optional) - The minium length of the password, if not specified, will be defaulted to 1

Usage/Examples

import bruteforce from "ez-bruteforcer";

const charactersList = "oh!sle";
const secretPassword = "hello!";
bruteforce.runSync({
  data: charactersList,
  step: (attempt) => {
    console.log(`Trying password: ${attempt}`);
    if (attempt == secretPassword) {
      console.log(`> Found password: ${attempt}`);
      return true;
    } else return false;
  },
  finish: () => {
    console.log("> Nothing has been found:(");
  },
  maxLength: 6,
  minLength: 1,
});
console.log(
  "> Total possible combinations: " +
    bruteforce.getDispositionsNumber(charactersList, 6, 1)
);

/*
...
Trying password: lsllo!
Trying password: esllo!
Trying password: olllo!
Trying password: hlllo!
Trying password: !lllo!
Trying password: slllo!
Trying password: llllo!
Trying password: elllo!
Trying password: oello!
Trying password: hello!
> Found password: hello!
> Total possible combinations: 55986
*/

Credits

• I "stole" the code to find the dispositions from the class "BaseN" in the package js-combinatorics to then modify it to make it work for a bruteforce attack

Authors

• @Farfa7886